Lucene search
+L

5 matches found

Vulnrichment
Vulnrichment
added 2026/02/03 10:9 p.m.5 views

CVE-2020-37084 School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS6.9AI score0.00814EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/03 10:9 p.m.28 views

CVE-2020-37084 School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

8.6CVSS0.00814EPSS
Exploits1References4
CVE
CVE
added 2026/02/03 10:9 p.m.16 views

CVE-2020-37084

CVE-2020-37084 affects School ERP Pro 1.0. An authenticated administrator can upload arbitrary PHP files as profile photos by bypassing file extension checks, via improper validation in pre-editstudent.inc.php, enabling remote code execution on the server. The vulnerability is tied to the admin p...

8.6CVSS6.9AI score0.00814EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.8 views

PT-2026-5834

Name of the Vulnerable Software and Affected Versions School ERP Pro version 1.0 Description School ERP Pro version 1.0 has a flaw that permits authenticated administrators to upload arbitrary PHP files as profile pictures, circumventing file extension validation. This is due to inadequate file...

8.6CVSS6AI score0.00814EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

Arox School ERP Pro 代码问题漏洞

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has a code vulnerability. This vulnerability stems from improper file validation in the pre-editstudent.inc.php file. It allows authenticated administrator users to...

8.6CVSS6.1AI score0.00814EPSS
Exploits1References6
Rows per page
Query Builder